Jobs · Information Technology · Arkansas

IT - Information Assurance/Security Engineer III

Apex Systems · Mountain Home, AR · 2 wk ago
Information TechnologyContract

About the role

The ideal candidate will play a pivotal role in safeguarding and strengthening the security posture of the ClaimsCore platform by performing comprehensive security analysis, vulnerability assessments, and compliance monitoring. This position will support ongoing system maintenance, platform enhancements, and major modernization activities by providing expert security guidance, reviewing configurations, and ensuring alignment with enterprise and federal security standards.

Responsibilities

  • Performing security analysis, vulnerability assessments, and compliance monitoring for the ClaimsCore platform.
  • Reviewing, interpreting, and validating security scan results from tools such as Tenable, Qualys, or similar enterprise vulnerability platforms.
  • Prioritizing remediation efforts and tracking vulnerability resolution against established SLA timelines.
  • Coinciding with development, operations, and infrastructure teams to ensure timely remediation and secure configuration management.
  • Supporting internal and external audit activities, including evidence collection, control validation, and implementation of corrective actions.
  • Reviewing system and application security configurations to ensure alignment with enterprise standards, NIST guidelines, and Zero Trust principles.
  • Providing actionable security recommendations to technical teams and participating in design reviews for secure implementation of new features or system updates.
  • Monitoring compliance with security policies, procedures, and regulatory requirements, and escalating deviations as appropriate.
  • Supporting incident response activities by analyzing potential vulnerabilities, misconfigurations, and threat vectors relevant to the ClaimsCore environment.

Requirements

  • Education: A Bachelor of Science or Bachelor of Arts degree with 5 years of experience, a Master of Science or Master of Arts degree with 3 years of experience, or a PhD with 0 years of experience is required.
  • Experience: 5–8+ years of experience in security analysis, vulnerability management, or cybersecurity operations in a large enterprise or federal environment. Experience supporting compliance, audit activities, or regulatory requirements for federal or large enterprise systems is also required.
  • Technical Skills: Hands-on experience with vulnerability scanning platforms (e.g., Tenable.sc, Tenable Nessus, Qualys) and an understanding of CVE, CVSS, and vulnerability lifecycle processes. Demonstrated ability to analyze scan data, identify false positives, and translate technical findings into clear, actionable remediation tasks. Familiarity with security frameworks and standards including NIST 800-53, NIST CSF, RMF, and CIS benchmarks. A strong understanding of secure configuration principles for operating systems, cloud platforms, and application environments. Effective communication skills (verbal and written) with both technical and non-technical stakeholders.

Qualifications

  • Security-related certifications such as Security+, CySA+, GSEC, CEH, CISSP, CISM, or equivalent.
  • Experience with cloud environments (AWS, Azure, or GCP) and associated security services or baseline configurations.
  • Experience supporting large modernization efforts or legacy-to-cloud migrations.
  • Knowledge of SIEM platforms, security automation workflows, and log analysis.
  • Experience working in Agile or DevSecOps environments and providing security input throughout SDLC processes.
  • Familiarity with federal healthcare systems or related compliance requirements.
  • Experience generating security reports and presenting findings to leadership or program stakeholders.

Skills

  • Hands-on experience with vulnerability scanning platforms (e.g., Tenable.sc, Tenable Nessus, Qualys).
  • Demonstrated ability to analyze scan data, identify false positives, and translate technical findings into clear, actionable remediation tasks.
  • Familiarity with security frameworks and standards including NIST 800-53, NIST CSF, RMF, and CIS benchmarks.
  • A strong understanding of secure configuration principles for operating systems, cloud platforms, and application environments.
  • Effective communication skills (verbal and written) with both technical and non-technical stakeholders.

Benefits

Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Everforth Apex team member can provide.

Similar jobs

IT Security Engineer III/IV

Zone 5 TechnologiesSan Luis Obispo County, CA· 1 wk ago
Information Technology$129k–$158k/yrapply on grnh.se